Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Execution order of policy

小白
Cirrus
Cirrus

‎23-Feb-2022 18:18 - edited ‎23-Feb-2022 18:20

Hi,I know that for a program, there must be a sequence of execution, so what is the sequence of ASM policy?I want to know the order of various protection strategies in a policy. For example, compared with SQL injection and XPath injection, who takes effect first, and what is the order of other protection strategies?

Snipaste_2022-02-24_10-06-50.png

Labels:
0 Kudos
2 REPLIES 2

AlexBCT
MVP
MVP

‎06-Mar-2022 08:18

Hi, Is there a particular function you would like to know this for? It may help get you to the answer. 

Do keep in mind though that the WAF system works on an "all-match" strategy (all components that are active and get matched will be reported), rather than a "first-match" strategy (like a firewall policy). 

0 Kudos

小白
Cirrus
Cirrus
In response to AlexBCT

‎07-Mar-2022 02:10

Obviously, when the blacklist and injection exist at the same time, the blacklist must take effect first, isn't it? Then I believe there is a sequence for the same strategy

0 Kudos
Copyright © 2023 Khoros, LLC